[
https://issues.apache.org/jira/browse/HADOOP-10301?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13951286#comment-13951286
]
Daryn Sharp commented on HADOOP-10301:
--------------------------------------
This jira and HDFS-4564 are sufficient to fix webhdfs. HADOOP-9363 should
remain open to fix the authenticated url issues. The hdfs jira doesn't pass
true to the url factory so it bypasses the use of authenticated url which
avoids another raft of problems. The use of the auth cookie is completely
unnecessary with webhdfs because it obtains a token and then uses it for all
subsequent operations.
> AuthenticationFilter should return Forbidden for failed authentication
> ----------------------------------------------------------------------
>
> Key: HADOOP-10301
> URL: https://issues.apache.org/jira/browse/HADOOP-10301
> Project: Hadoop Common
> Issue Type: Bug
> Components: security
> Affects Versions: 0.23.0, 2.0.0-alpha, 3.0.0
> Reporter: Daryn Sharp
> Assignee: Daryn Sharp
> Priority: Blocker
> Attachments: HADOOP-10301.branch-23.patch,
> HADOOP-10301.branch-23.patch, HADOOP-10301.patch, HADOOP-10301.patch,
> HADOOP-10301.patch
>
>
> The hadoop-auth AuthenticationFilter returns a 401 Unauthorized without a
> WWW-Authenticate headers. The is illegal per the HTTP RPC and causes a NPE
> in the HttpUrlConnection.
> This is half of a fix that affects webhdfs. See HDFS-4564.
--
This message was sent by Atlassian JIRA
(v6.2#6252)
